|
OLD | NEW |
---|---|
(Empty) | |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "sandbox/src/handle_policy.h" | |
6 | |
7 #include <string> | |
8 | |
9 #include "base/win/scoped_handle.h" | |
10 #include "sandbox/src/ipc_tags.h" | |
11 #include "sandbox/src/policy_engine_opcodes.h" | |
12 #include "sandbox/src/policy_params.h" | |
13 #include "sandbox/src/sandbox.h" | |
14 #include "sandbox/src/sandbox_factory.h" | |
15 #include "sandbox/src/sandbox_types.h" | |
16 #include "sandbox/src/sandbox_utils.h" | |
17 #include "sandbox/src/win_utils.h" | |
18 | |
19 namespace sandbox { | |
20 | |
21 bool HandlePolicy::GenerateRules(const wchar_t* name, | |
22 TargetPolicy::Semantics semantics, | |
rvargas (doing something else)
2012/03/27 00:35:33
nit: indentation
jschuh
2012/03/27 01:36:19
Done.
| |
23 LowLevelPolicy* policy) { | |
24 // We don't support any other semantics for handles yet. | |
25 if (TargetPolicy::HANDLES_DUP_ANY != semantics) { | |
26 return false; | |
27 } | |
28 PolicyRule handle(ASK_BROKER); | |
rvargas (doing something else)
2012/03/27 00:35:33
nit: handle_rule? (or rule)
jschuh
2012/03/27 01:36:19
How about duplicate_rule?
rvargas (doing something else)
2012/03/27 02:30:59
That works
| |
29 if (!handle.AddStringMatch(IF, NameBased::NAME, name, CASE_INSENSITIVE)) { | |
30 return false; | |
31 } | |
32 if (!policy->AddRule(IPC_DUPLICATEHANDLEPROXY_TAG, &handle)) { | |
33 return false; | |
34 } | |
35 return true; | |
36 } | |
37 | |
38 DWORD HandlePolicy::DuplicateHandleProxyAction(EvalResult eval_result, | |
39 const ClientInfo& client_info, | |
40 HANDLE source_handle, | |
41 DWORD target_process_id, | |
42 HANDLE* target_handle, | |
43 DWORD desired_access, | |
44 BOOL inherit_handle, | |
45 DWORD options) { | |
46 // The only action supported is ASK_BROKER which means duplicate the handle. | |
47 if (ASK_BROKER != eval_result) { | |
48 return ERROR_ACCESS_DENIED; | |
49 } | |
50 | |
51 // Make sure the target is one of our sandboxed children. | |
52 if (!SandboxFactory::GetBrokerServices()->IsActiveTarget(target_process_id)) { | |
rvargas (doing something else)
2012/03/27 00:35:33
Calling GetBrokerServices feels weird.
jschuh
2012/03/27 01:36:19
Can't think of a better way. It's the only thing t
rvargas (doing something else)
2012/03/27 02:30:59
What I don't like is going through the external in
| |
53 return ERROR_ACCESS_DENIED; | |
54 } | |
55 | |
56 base::win::ScopedHandle target_process(::OpenProcess(PROCESS_DUP_HANDLE, | |
57 FALSE, | |
58 target_process_id)); | |
59 if (NULL == target_process) | |
60 return ::GetLastError(); | |
61 | |
62 DWORD result = ERROR_SUCCESS; | |
63 if (!::DuplicateHandle(client_info.process, source_handle, target_process, | |
64 target_handle, desired_access, inherit_handle, | |
65 options)) { | |
66 return ::GetLastError(); | |
67 } | |
68 | |
69 return ERROR_SUCCESS; | |
70 } | |
71 | |
72 } // namespace sandbox | |
73 | |
OLD | NEW |